To be honest, when we switched to LE I thought this would solve all our sub-domain cert issues. @Juju and @Streetwalrus should indeed fix this. Plus this would allow us to finally use SSL for the WalrusIRC smileys and other things.

Yeah, just need a little bit of setup, shouldn't be hard at all.Would be cool if nginx supported variables/macros in the config so we could just add an include line and add the domain to acmetool, and boom, https.

I already have this thing set up, you just tell it that you want certs for a given subdomain and it will check and renew them on a cronjob.The only problem is the nginx config, lots of copy-pasta. Also our current config is a bit messy.

Bump.More and more browsers are now complaining about insecure connections.And while codewalr.us does support HTTPS, there are some issues :- The fact on the frontpage, some images uses http: rather than https:. Should be fairly trivial to fix.- Cookies do not use the HttpOnly and Secure flags. Should be done for security

I believe it should be made HTTPS-only because even on older operating systems like NT 4.0, it is possible to visit secure websites with TLS 1.0 and all.As for browsers that do not support HTTPS, i honestly doubt they can support codewalr.us properly anyway.Preferably, codewalrus should also support CSP, here are the csp settings i use for my website.